Confidential information that gets stored as a singleton in Jenkins, mostly some random token value.

The actual value is persisted via ConfidentialStore, but each use case that requires
a secret like this should use a separate ConfidentialKey instance so that one compromised
ConfidentialKey (say through incorrect usage and failure to protect it) shouldn't compromise
all the others.

ConfidentialKey is ultimately a sequence of bytes,
but for convenience, a family of subclasses are provided to represent the secret in different formats.
See HexStringConfidentialKey and HMACConfidentialKey for example. In addition to the programming
ease, these use case specific subtypes make it harder for vulnerability to creep in by making it harder
for the secret to leak.